fix: Updated vnet link condition for same vnet in same resource group.

clouddrove · Jun 2, 2023 · e6c0a04 · e6c0a04
1 parent 6e234de
commit e6c0a04
Show file tree

Hide file tree

Showing 6 changed files with 28 additions and 13 deletions.
diff --git a/_example/basic/example.tf b/_example/basic/example.tf
@@ -22,4 +22,5 @@ module "container-registry" {
   ##-----------------------------------------------------------------------------
   virtual_network_id = "vnet_id"
   subnet_id          = "subnet_id"
+  enable_diagnostic  = false
 }
diff --git a/_example/complete/example.tf b/_example/complete/example.tf
@@ -60,6 +60,21 @@ module "subnet" {
   ]
 }
 
+##----------------------------------------------------------------------------- 
+## Log Analytic Module Call.
+## Log Analytic workspace for diagnostic setting. 
+##-----------------------------------------------------------------------------
+module "log-analytics" {
+  source                           = "clouddrove/log-analytics/azure"
+  version                          = "1.0.1"
+  name                             = local.name
+  environment                      = local.environment
+  create_log_analytics_workspace   = true
+  log_analytics_workspace_sku      = "PerGB2018"
+  resource_group_name              = module.resource_group.resource_group_name
+  log_analytics_workspace_location = module.resource_group.resource_group_location
+}
+
 ##----------------------------------------------------------------------------- 
 ## ACR module call.
 ##-----------------------------------------------------------------------------
@@ -73,6 +88,7 @@ module "container-registry" {
     name = "cdacr1234" # Name of Container Registry
     sku  = "Premium"
   }
+  log_analytics_workspace_id = "module.log-analytics.workspace_id"
   ##----------------------------------------------------------------------------- 
   ## To be mentioned for private endpoint, because private endpoint is enabled by default.
   ## To disable private endpoint set 'enable_private_endpoint' variable = false and than no need to specify following variable  

diff --git a/_example/with_existing_dns_zone_in_diff_rg/example.tf b/_example/with_existing_dns_zone_in_diff_rg/example.tf
@@ -75,6 +75,7 @@ module "container-registry" {
     name = "cdacr1234" # Name of Container Registry
     sku  = "Premium"
   }
+  log_analytics_workspace_id = ""
   ##----------------------------------------------------------------------------- 
   ## To be mentioned for private endpoint, because private endpoint is enabled by default.
   ## To disable private endpoint set 'enable_private_endpoint' variable = false and than no need to specify following variable  

diff --git a/_example/with_existing_dns_zone_in_diff_subs/example.tf b/_example/with_existing_dns_zone_in_diff_subs/example.tf
@@ -74,6 +74,7 @@ module "container-registry" {
     name = "cdacr1234" # Name of Container Registry
     sku  = "Premium"
   }
+  log_analytics_workspace_id = ""
   ##----------------------------------------------------------------------------- 
   ## To be mentioned for private endpoint, because private endpoint is enabled by default.
   ## To disable private endpoint set 'enable_private_endpoint' variable = false and than no need to specify following variable  

diff --git a/main.tf b/main.tf
@@ -192,7 +192,7 @@ resource "azurerm_private_dns_zone" "dnszone1" {
 ## Resource group and private dns zone in which vnet link is to be created will be decided from condition present in locals and will be passed as locals. 
 ##-----------------------------------------------------------------------------
 resource "azurerm_private_dns_zone_virtual_network_link" "vent-link-same-sub" {
-  count                 = var.enable && var.enable_private_endpoint && var.diff_sub == false ? 1 : 0
+  count                 = var.enable && var.enable_private_endpoint && var.diff_sub == false && var.same_vnet == false ? 1 : 0
   name                  = var.existing_private_dns_zone == null ? format("%s-pdz-vnet-link-acr", module.labels.id) : format("%s-pdz-vnet-link-acr-1", module.labels.id)
   resource_group_name   = local.valid_rg_name
   private_dns_zone_name = local.private_dns_zone_name
@@ -282,10 +282,10 @@ resource "azurerm_private_dns_a_record" "arecord_diff-sub" {
 ## Below resource will create diagnostic setting for ACR.   
 ##-----------------------------------------------------------------------------
 resource "azurerm_monitor_diagnostic_setting" "acr-diag" {
-  count                      = var.enable_diagnostic && var.log_analytics_workspace_name != null || var.storage_account_name != null ? 1 : 0
+  count                      = var.enable && var.enable_diagnostic ? 1 : 0
   name                       = lower("acr-${var.container_registry_config.name}-diag")
   target_resource_id         = azurerm_container_registry.main[0].id
-  storage_account_id         = var.storage_account_name != null ? var.storage_account_id : null
+  storage_account_id         = var.storage_account_id
   log_analytics_workspace_id = var.log_analytics_workspace_id
 
   dynamic "log" {

diff --git a/variables.tf b/variables.tf
@@ -143,16 +143,6 @@ variable "private_subnet_address_prefix" {
   default     = null
 }
 
-variable "log_analytics_workspace_name" {
-  description = "The name of log analytics workspace name"
-  default     = null
-}
-
-variable "storage_account_name" {
-  description = "The name of the hub storage account to store logs"
-  default     = null
-}
-
 variable "acr_diag_logs" {
   description = "Application Gateway Monitoring Category details for Azure Diagnostic setting"
   default     = ["ContainerRegistryRepositoryEvents", "ContainerRegistryLoginEvents"]
@@ -253,4 +243,10 @@ variable "addon_virtual_network_id" {
   type        = string
   default     = ""
   description = "The name of the addon vnet link vnet id"
+}
+
+variable "same_vnet" {
+  type        = bool
+  default     = false
+  description = "Variable to be set when multiple acr having common DNS in same vnet."
 }